Hello Shiro developers. I have recently been using Shiro for all my security needs, and I adore the framework. Recently though, I have been moving more and more towards OSGi specification, and it feels like Shiro is a little lacking in that area. It works well enough but it is quite static, and does not really handle the dynamic nature of OSGi.
As far as I can see, all the wiring in Shiro on OSGi is one at initialization time, and remains static while the application is running. I think I have a pretty low impact way to create an OSGi based SecurityManager that would register Realms, SubjectDAO's, SessionManagers et cetera as services, allowing bundles to register their own sessionmanagers, cachemanagers, and more importantly realms, when they start up. The result would be an OSGi based SecurityManager that does not start up statically, for example with an INI file, but uses the OSGi service registry to get its resources at runtime. The overall plan is to create a few changes in Shiro Core and Shiro Web, so it is possible to define how the individual parts connects to each other. So, basically i want to change hardwired references to small adapter classes, that can be injected to change how the components finds each other. The existing SecurityManagers should of cause remain unaffected and there should be no change to the end user experience. I will also create an adapter, that can be used in place of the static securitymanager when running OSGi. When that is done, I will add a number of modules to serve as dedicated OSGi bundles, using hopefully 95& of the code from Core and Web, so the standard components can be started as separate bundles, and replaced by custom implementations if necessary. My hope is that, when done, it will be possible to use a securitymanager that doesn't wire anything at startup, and can change at runtime, as bundles are started and stopped. I am very willing to put in the hours to make this happen, but it would be nice to know that this is something that the maintainers actaully want, so I don't end up with something that isn't desired. I also have not worked that much with the Web bundle, so I might have some questions down the line. So: Is this something that that you would consider a pull request for? Of cause i can't guarantee that it will work, but i am willing to try, provided that i get some assurance that it is actually something you want in the project. Please let me know Martin Nielsen -Hopeful Apache Committer
